Page 21 - ITGC_Audit Guides
P. 21
Security Windows operating system security is focused on Due to its open source nature,
three areas: users are able to review source
Identity and Access Management: permissions, code and identify any security
ownership of objects, inheritance of permissions, weaknesses.
user rights, and object auditing. Compared to Windows OS, Linux
Threat Protection: protects endpoints from cyber OS typically have fewer security
threats, detects advanced attacks and data vulnerabilities and have fewer
breaches, automates security incidents, and unprotected structures.
improves security posture.
Information Protection: addresses the threats of
data theft or exposure from lost, stolen, or
inappropriately decommissioned computers.
Mainframes
A mainframe is a computer (hardware) designed to host the commercial databases, transaction
servers, and applications that require a greater degree of security and availability than is
commonly found on smaller-scale machines. These machines remain in popular use by large
organizations due to their reliability and stability.
Mainframes process large amounts of data, such as country and industry statistics, and tasks
similar to bulk and high-volume transaction processing. Industries such as banking and insurance
rely on mainframes to process the enormous transaction volume generated by the financial
industry. In sectors such as health care, transportation, and public services, mainframes assist
with processing large data volumes and provide support for strict compliance requirements.
Mainframes are usually the preferred infrastructure type when there is a requirement for large
volumes of concurrent users. The aviation and airline travel industry is a good example because
online and travel agent bookings, flight simulations, and navigation systems require high
bandwidth applications and are heavily reliant on the capabilities of mainframes.
There are two main transaction-processing concepts for mainframes: batch job processing and
online transaction processing:
Batch jobs are processed without user intervention, where large volumes of information are
processed in bulk rather than as individual inputs. Batches, which can sometimes include
hundreds or thousands of transactions, are typically presequenced to execute at a specified
time window during off-peak periods. Outputs from batch-processed jobs are typically
summaries of information such as daily sales, order processing, and inventory updates.
Online Transaction Processing (OLTP) processes data typically requiring an immediate and
real-time response, and the user interaction with the mainframe is usually very short and
concurrent with processing. OLTP is beneficial for services that must be continuously
available and where data and information integrity are of high importance. This concept
applies to ATM transactions and credit or debit card purchases.
Some major manufacturers of mainframes are IBM and Fujitsu.
Mainframe Operating Systems
Due to the large amounts of data that a mainframe processes, its internal components, including
internal memory, processing capability, internal and external peripherals, storage, and operating
13 — theiia.org
